Cybersecurity attacks: A 30,000% increase in just one year.

According to the French National Agency for the Security of Information Systems (ANSI), the number of victims of cybercrime increased fourfold between 2019 and 2020 in France. IT security experts estimate that lockdown periods with increased working from home, has resulted in a 30,000% increase in criminal acts such as phishing, malware, botnets, data theft etc. Cyber-attacks have never been more frequent and dangerous. However, the health crisis has not alone been the responsible factor for the resurgence in cybercrime. The rise in popularity in applications such as the cloud and the boom of connected devices are still primary sources for computer vulnerabilities and IT threats. Learn more about the latest cybersecurity attacks.

A lack of secured integrated cloud services…

The impact of poorly managed/controlled real-time databases

The usage of networks such as the cloud is seeing explosive growth amongst its users. The IDC (International Data Corporation) – one of the largest IT consulting and market research companies – predicts that nearly half of the world’s data will be stored and hosted on the cloud by 2025 – to put this into perspective, this represents a volume of 175 zettabytes or 175 billion terabytes. The arising issue is that all this information is far from being securely stored…

The latest example of such a cyber security vulnerability related to cloud usage, comes from Android. Check Point Research (CPR) – a group of cyber threat analysts and researchers – has revealed that the personal data of more than 100 million users has been exposed through insecure Android applications, due to the poor real-time configuration of databases. These DBDs enable developers to store information on the cloud, so that it can be instantly synchronised with each connected user. However, in this very case where authentication and access rights were poorly managed and regulated, all of this user data has become unintentionally accessible to the wrong sort of individuals…

As a result of this, CPR were able to obtain lots of user information: some of which being sensitive including email addresses, passwords, private discussions and even device locations which are stored by some applications available in the Google Play store. Testing on other applications also revealed that push notifications and online registration data were also vulnerable to certain threats – once again, the cause of this being poor protection or even negligence towards data storage; passwords and access keys were being openly stored within the source code. Finally, CPR also discovered that most of the programs detected by them had “read” and “write” permissions on their files – making them easily modifiable.

A poor perspective and management of cloud computing

According to McAfee, nearly 83% of companies in 2018 stored sensitive data on the cloud. With the burden of having to face lockdowns during the crisis, as well as the digitalisation and working from home era, there is no doubt that this figure will have increased even further… Except that, according to another Bitglass study, only 44% of companies have visibility over their data being shared online as well as possible access breaches and flaws. The research firm Gartner revealed that 95% of security failures on the cloud are a result of customer actions.

For insecure use of cloud computing with no cybersecurity policy whatsoever, internal threats, poorly managed databases as well as API configurations are the main factors for cloud vulnerabilities. Sadly, over this past year, cybercrime figures have only seemed to confirm this fact:

In January 2021, Microsoft announced that five of its servers hosting anonymous user statistics had been exposed on the internet without adequate protection.
In February, American multinational company Estée Lauder, exposed more than 440 million internal files due to a poorly secured database.
Open databases have also resulted in the theft of 425 GB of sensitive data stored by financial software, MCA.
Virgin Media discovered that their database used for marketing analysis was online without adequate password protection – more than 900,000 customers were victims of their personal information being compromised online.
Photo site Freepik lost data belonging to 8.3 million users due to an uncontrolled SQL injection attack.
At Cisco, an employee was found guilty of causing a major internal attack. The former engineer was able to access a protected computer, 5 months after leaving the company and deployed a harmful script - leading to 456 virtual machines which Cisco depended on, being deleted.

IoT: Are there a great number of opportunities for cyber criminals?

Attacks on connected devices have multiplied quickly

According to the latest report from security services company, Palo Alto Networks, 57% of IOT devices are vulnerable to medium/high-severity cyber-attacks – what’s worse, is that nearly 98% of information exchanged through devices connected to the internet in business environments, are not encrypted. Cyber attackers have taken advantage of this discovery and are targeting such machines more and more. Here too, there is no shortage of examples:

Kaspersky analysts have discovered means of detecting Mirai and NyaDrop malware, which are responsible for 39% of cyber-attacks. This is not very sophisticated cybercrime; however, it is just one example of a brute force attack which exploits open vulnerabilities.

Forescout’s team of computer security researchers have also discovered that there are potentially more than 9 security flaws which threaten hundreds of millions of connected devices around the world. Notoriously known as NAME: WRECK, these vulnerabilities – if exploited (or rather a matter of knowing when they will be exploited) – could enable hackers to launch Denial of Service (DNS) attacks against or take control of a target device through Remote Control Execution (RCE).

Vulnerabilities are even present going as far as when chips are manufactured

However cyber-attacks are not only linked to the cloud or even the network. Sometimes, faults derive from the components themselves. In August 2020, Check Point Research discovered more than 400 vulnerabilities on Qualcomm’s Snapdragon DSP (Digital Signal Processor) chip. This component is present on almost 40% of all smartphones. Such developed breaches would have allowed a hacker to unlock a mobile’s SIM card; using the Android operating system to inject malicious code into the device and access for example, SMS and audio conversations.

The outcomes of latest security attacks reflect a sharp increase in the number of vulnerabilities related to the cloud and the internet. Yet in 2021, companies still do not assume “the responsibility of securing the equipment which they design”, according to Alex Balan, head of the security research team at Bitdefender. On the cloud side, the observations made are identical – the majority of companies do not possess an internal security policy regulating access and the use of cloud computing.

So, cyber-attacks are likely to continue increasing in the coming years. What’s your take? Which cyber-attacks have been the most significant for you as an individual or company? Do not hesitate to leave us your thoughts on the IT forum.